package com.github.zhangkaitao.shiro.chapter12.web.mvc;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.MapCache;
import org.apache.shiro.mgt.RealmSecurityManager;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;

/**
 * <p>User: Zhang Kaitao
 * <p>Date: 14-2-12
 * <p>Version: 1.0
 */
@Controller
public class AnnotationController {
    private static final Logger logger = LoggerFactory.getLogger(AnnotationController.class);

    @RequestMapping("/login")
    public String login(@RequestParam(required = false) String username,
                        @RequestParam(required = false) String password,
                        ModelMap map) {
        Subject subject = SecurityUtils.getSubject();
        RealmSecurityManager realmSecurityManager = (RealmSecurityManager) SecurityUtils.getSecurityManager();
        AuthenticationToken token = new UsernamePasswordToken(username, password, true);
        String message = "错误";
        try {
            SecurityUtils.getSecurityManager().login(subject, token);
        } catch (LockedAccountException e1) {
            //锁定状态
            message = "帐号被锁定";
            logger.info(message);
            map.put("error", message);
            return "login";
        } catch (DisabledAccountException e) {
            //禁用状态
            message = "帐号已被禁用";
            logger.info(message);
            map.put("error", message);
            return "login";
        } catch (UnknownAccountException e2) {
            //错误帐号
            message = "未知帐号";
            logger.info(message);
            map.put("error", message);
            return "login";
        } catch (ExcessiveAttemptsException e3) {
            //登录错误次数过多
            message = "错误次数过多";
            logger.info(message);
            map.put("error", message);
            return "login";
        } catch (IncorrectCredentialsException e4) {
            //错误的凭证
            message = "错误的密码";
            logger.info(message);
            map.put("error", message);
            return "login";
        } catch (ExpiredCredentialsException e5) {
            //过期的凭证
            message = "过期的凭证";
            logger.info(message);
            map.put("error", message);
            return "login";
        }
        map.put("user", subject.getPrincipal());
        return "redirect:/";
    }

    @RequestMapping("/admin")
    public String admin() {
        SecurityUtils.getSubject().checkRole("admin");
        return "admin";
    }

    @RequiresRoles("manager")
    @RequestMapping("/mana")
    public String manager() {
        return "manager";
    }

    @RequestMapping("/noLimit")
    public String noLimit() {
        Subject subject = SecurityUtils.getSubject();
        return "success";
    }

    @RequestMapping("/show")
    @RequiresPermissions("show")
    public String show() {
        return "show";
    }

    @RequestMapping("/add")
    @RequiresPermissions("add")
    public String add() {
        return "add";
    }

    @RequestMapping("/edit")
    @RequiresPermissions("edit")
    public String edit() {
        return "edit";
    }

    @RequestMapping("/delete")
    @RequiresRoles("admin")
    @RequiresPermissions(("delete"))
    public String delete() {
        return "delete";
    }

}
